On Fri, 19 Nov 2004 13:54:30 -0500, bkfsec <[EMAIL PROTECTED]> wrote: > Danny wrote: > > > > >Well, it sure does help the anti-virus (anti-malware) and security > >consulting business, but besides that... is it not safe to say that: > > > >1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? > >2) A considerable amount of "script kiddies" originate and grow through IRC? > >3) A wee bit of software piracy occurs? > >4) That many organized DoS attacks through PC zombies are initiated through > >IRC? > >5) The anonymity of the whole thing helps to foster all the illegal > >and malicious activity that occurs? > >The list goes on and on... > > > >Sorry to offend those that use IRC legitimately (LOL - find something > >else to chat with your buddies), but why the hell are we not pushing > >to sunset IRC? > > > >What would IT be like today without IRC (or the like)? Am I narrow > >minded to say that it would be a much safer place? > > > > > > > I don't think that it would have any impact at all with regard to > stopping malware and crackers. > > Even if the legitimate IRC servers were shut down, it would still be a > simple matter for them to create their own servers on non-standard > ports. Barring their ability to do that, they'll completely move to IM > or P2P protocols (like WASTE) to carry out their attacks. They've > already created the tools to do this and they're actively doing it right > now. > > In fact, in this regard IRC is a godsend with regard to tracking down > attackers. It's easier to determine the location of an IRC bot and to > track unencrypted IRC traffic than it is to track WASTE packets or IM > connections. > > Protocols (and their implementations) aren't causing the "illegal > activity" as much as the drive to carry out illegal acts is.
Fair enough... I just need to be enlightened. Thanks for your time. ...D _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
